This is not meant to be a flame, but I'm very curious why someone would become a member of EH-Net and not participate? Sure there are benefits to membership, most notably is being eligible for Free Monthly Giveaways. But you can't win the $1000s in prizes unless you participate.

Maybe this question will bring some more of you out of the shadows and share with us what brought you to EH-Net and why you became a member. Who knows, it may spark additional conversations which is always great for the community.

That’s true. I wonder why people bother to sign up and not post, unless they are just forum junkies and sign in to a forum just out of habit.

Some people might not post because they feel they don’t have any high level thing to contribute. That’s unfortunate because any contribution can be good. Some people might just be script kiddies hoping to get a free ride and learn some new stuff they can impress their IRC buddies with and don’t want to contribute anything back.

This forum is free and the information in here is priceless as far as security goes. I think many of us in the past would have or perhaps have paid a lot to learn some of things presented here. Damn, I wish this forum existed a few years back!

My feeling is if this is a free forum then it’s not too much to ask people to contribute a little with a post here or there. It doesn’t have to be anything great. Even just a kind word on a video that someone has gone through a lot of effort to present is not a bad place to start.

I've just signed up recently and since then have tried contributing but I find that I'm asking more questions then providing knowledge myself. This is probably because I'm just starting out and trying to break into the InfoSec industry so I don't really know what I can contribute. I'm a sponge for anything InfoSec related though and very much appreciate everything about this site and it's "contributing" members!

that's ok... no one begins their INFOSEC profession knowing everything there is to know about the field.

i know i didnt, hell there's plenty of people that have forgotten more about INFOSEC than i'll ever know!

i'll do a plug for LSO since you have signed up, that there is a pretty good amount of information on the site for people getting into security, check out the core & advanced competencies sections on the site.

Last edited by LSOChris on Wed Nov 29, 2006 6:05 pm, edited 1 time in total.

I've been to your site a few times. The last time I logged in was the first time I surfed around your forums. It seemed like it was quite out of date, in regards to the last time someone posted on there. Perhaps I wasn't looking in the right location though. I also can't afford a membership to LSO or anything at all right now. To tell you the truth, I can barely afford a bus pass, let alone anything else. That's why I had to volunteer to get my SANS Conference paid for and that's why I always self-study. The only jobs I can find in the IT field are the low paying Tech Support jobs (like my current one with Dell).

Off to dream about an actual IT Security job... (at work currently) lol

Keep your head up, and keep studying and posting. After the Navy I started at a very low paying workstation support job at a world-wide corporation. I self-studied like crazy every night. I drove myself to pass the exams the first time (preparing to one-shot the $300 CCIE written back then almost drove me crazy). The reason I had to pass the first time was not because of ego, but because I paid for the exams... my employer didn't. Money was very tight with a wife and a small child, and I literally couldn't afford to fail. The money aspect of it was a great motivator for me.

Long story short... I changed jobs three times in a year and a half, and only had to move down the hall. My pay almost tripled in that time frame. I eventually deployed their firewalls, world-wide VPN, handled security in remote locations, etc. After being at that company for four years, I started my own business. I still self-study a lot... maybe not quite as hard as I used to

You seem to have the drive to succeed, and are willing to put in the hours to get there. Stay motivated. You will do well. Keep asking questions and keep posting. You are actually helping others... Answering questions or explaining a topic can help further one's understand that topic, or at least help them explain what they do for a living at parties

Oh, the company I mentioned above... they are now one of my clients... They pay a bit more for my time now.

I think with all the talent in this forum anyone can learn a lot and do not feel like your questions are too basic or worry that you will get flamed. If you have a question just ask (well it dose have to be kinda on topic). Don and the rest of the gang are here to support anyone wanting to learn or discuss Security, Ethical Hacking, Certs, IT, heck just about anything computer related. Anyway I just want everyone to know that the members here are very open to chat with anyone and we do not look down on others with less skills (we all started at some point).

Great topic and great post - but coming back to the topic started by Don - Why do people register if they do not wish to post? - I think one reason is generally people have a seperate mail ID for handing forum and discussion forum mails and if you subscribe or use the notify feature, you get all the post in just one location - just like your SYSLOG Server - I think the non-posters are working this way...

I do think that the reason why some members are not posting is because they feel they're taking but not giving to the forum. That's what I was feeling anyway. Asking all the questions but not enough experience or knowledge yet to give back to the forum.

Thanks for the update, Chris. I just logged in and see what you were talking about in regards to the Core & Advanced Competencies. Just reading up on those now.

Dman, quite the motivational message! You sure seem to be able to relate where I am right now. Just hope I can make it out of this like you did. It's quite hard getting out of regular tech support and into an IT Security position since they all seem to require years of professional security experience and you can't get that experience because no one will take you without it. confusing, eh? That's why I'm getting all the security certs I can (one-shot attemps). Are you currently a consultant then? (ethical hacker/pen-tester)

I have to agree with P0et. The primary reason why I wasn't posting very much was because I didn't feel that I had very much to contribute to the group. Some of the people on these forums are submitting great videos of how to use metasploit with nmap to crack MS SQL server and I've got nothing that is on par with that.

Having said that, this months contest really motivated me to start participating in the forums. And truth be told, even if I don't have the greatest stuff to contribute, I do have some stuff, and I hope that the threads I've started and the work I've contributed is helpful to someone. Also, asking questions spurs conversation and that adds to the overall level of content available on the site. The first thing for me was to get over my shyness and say "I'm going to put something out there, regardless of how good or bad or unpolished it may be."

I've also been slow to add stuff to the site because the focus of this site is how to hack into something, and most of my effort goes into how to stop people from getting into stuff. So I feel like a lot of the things that I do have to contribute aren't the most relevant.

Maybe you can help us figure out the best way to get others to overcome their shyness. Most visitors don't have the resume or knowledge of people like Dan Hoffman, Chris Gates, Ed Shoudis et al. That's why they have columns. The boards are for everybody. So if most visitors to the forums have less ability, then the simple questions will actually add more value to the community and it's members than articles on how to hack into SQL Servers and crack passwords with rainbow tables. The basics are great for all.

As for your feelings on the focus of the site, I have to disagree. The site name is Ethical Hacker. Most articles that may show how to break into something, also show how to prevent it. We cater to the security professional and the overall IT professional community at large. We're here to help you, not the script kiddies. We have no desire to be an underground hacking site. This is why we setup the site in magazine format with columns, features, calendar of events, etc. As mentioned in other posts, no one has ever been flamed for asking a newbie question. On the other hand, people asking blatantly how to attack someone for malicious intent are flamed off the board.

So, in short, I think all of your preventive content would be a perfect match.

P0et,

I feel your pain as well. I went from being a partner in a software company in the tech boom of the 90s to being unemployed. This was also immediately after 9-11, so no one was hiring. To make ends meet, I did manual labor jobs with immigrant workers in the middle of the night, until I could get whatever tech job I could find. I finally got a temporary job making less than $30,000 per year. After much hard work like you're doing right now, I not only make a pretty decent living, but I also feel like I have a career not just a job. With an attitude like yours, you'll be fine. It may just be hard to see it right now.

As for members taking more from the forums than they give, I would argue that by not posting at all, they are taking more than giving. By posting a newbie question, as mentioned above, this gives back. So even if newbies are not teaching you how to do a pen test that includes firewalking doesn't mean that it is not helping the community. It's just helping in another way.

I hope that makes sense.

Basically, having high level and low level questions sparks conversation with all members. This is what makes this community worth visiting time and time again.

I understand what you're saying, and you're absolutely right. This board is not some irresponsible hacker site, and I hope that I didn't give anyone the impression that I feel that way. I also can honestly say that I've never seen anyone flamed for asking a newbie question. However...

Just because it doesn't happen here, doesn't mean that it hasn't happened to us at other boards, and that leads some people to be hesitant to ask newbie questions. Add to that the fact that many, if not the majority, of IT professionals are introverts to begin with you and have an environment where many people might lurk on the boards for a while before they start to contribute.

As far as I can tell, you're doing everything right. Some people, like myself, just have to get past those personal walls that make you feel like you're not good enough to contribute. Once I got past that I started putting up the stuff that I could and I feel that it has been well received.